- Internet & the Web
Internet Safety: Securing Your Wireless (Wi-Fi) Network
Wireless ADSL is one of the alternatives out there for people who can't get a fixed line installed for whatever reason. It's also cheaper in general because there's less in the way of installation costs, and generally the monthly fees paid over to your ISP are less as well. It's better in some ways than 3G, because in my experience you'll be hard pressed to find a suitable uncapped 3G option (you might find one but it'll more than likely have a ridiculous fair use limit with throttled speeds thereafter), whereas that task is easy with Wireless ADSL. And of course it's more convenient because like 3G, it allows for mobility, unlike a fixed line.
But using a wireless network does pose security risks, and isn't as secure as 3G or a fixed line. If left unsecured, someone can easily piggyback off of your network, and from there steal your bandwidth (making tasks like loading pages, viewing videos, downloading, etc. take longer), run up your monthly bill, and worst of all, monitor traffic on your network, sniff passwords that you enter on websites, and even hack in to devices on the network and steal sensitive information. They could even use your connection to do illegal things, and you would more than likely end up in trouble for it!
This article will attempt to cover most of the things you can do to make sure that your wireless network is as safe to use a possible.
Change the router password
Routers come with default passwords, which should be changed as soon as possible. The default passwords for every manufacturer can easily be found in a public database.
Enable network encryption
You should enable encryption on your network. WPA2 (Wi-Fi Protected Access) is the standard nowadays and has been for some years. You’ll also have an opportunity to set a password for your network here.
Make sure to use a strong password for both your router and network. Make a long password comprised of numbers, letters (lower and uppercase) and special symbols or punctuation marks if supported. Never use personal details as a password. Using a weak password will mean that the encryption can be easily cracked. See here for more on creating strong passwords.
Disable the SSID broadcast
There are different thoughts on this. Some recommend that you disable the SSID (Service Set Identifier) broadcast as it will mean if a casual user scans for your network, he or she won’t find it. But others suggest that determined hackers can still pick it up with tools that they use, so there’s no real point in disabling it.
Others say that by changing the name you at least stop others from inadvertently or accidentally connecting to your network, and that by changing the SSID name, you’ve at least shown to those who might try to intentionally hack into a network that you aren’t a complete novice – they’re going not going to waste as much time with someone who has properly secured their network, instead opting to target those who haven’t a clue as to what’s going on, as it will be easier for them.
It's recommended that you don't use personal details in your SSID name.
Every device has a MAC address. You can find it out by entering "ipconfig /all" in your command prompt if using Windows, and from there you can add that MAC address to a list of accepted or approved devices that can connect to your network.
MAC addresses can be spoofed however, if the hacker finds out what it is, and he/she can simply change the MAC address of the device they intend to use to piggyback on your network. This is why you should check your list of MAC addresses periodically to see that all is in order.
IP address restriction
You might be able to limit the number of IP addresses assigned by your router, so even if someone comes along and they know or managed to guess/crack the password for your network, they wouldn’t be able to connect because the router has been instructed to only provide as many IP addresses as there are devices in your home that can connect to the network.
Simple tin foil can be put on the router's antennae in an effort to reduce the range of the wireless signal.
Limit the signal
You can try to put the router in various places, like under the bed, in order to limit the signal. The ultimate goal would be to restrict the signal to your house only. If not, that signal can reach as far as 100 metres, which could mean all the way down the block in your neighbourhood.
One can also try to place tin foil on the antennae of the router to restrict the signal.
The signal can be reduced to 802.11g instead of 802.11n or 802.11b.
Anti Wi-Fi paint can be used to stop Wi-Fi signals from leaving the house, and to stop Wi-Fi signals from getting in too.
Disable remote login
Most routers have this option disabled by default. You should make absolutely sure that it is when you first start using it, and then every now and again as well.
Router worms can force their way in if this option is enabled, particularly if the username is known -- then it isn't hard to crack the password. If you must use remote login, only do so temporarily and then when you're done, turn it off again. Don't leave it enabled permanently.
Disable wireless administrating
If someone were to guess/crack the router password, they could easily change all of the security settings that you’ve implemented, so you want to try and limit who has access to these settings, and you can do by disabling wireless administrating, which means you’ll have to use a LAN cable.
Disable 'File and Printer Sharing'
This can be useful when you have devices on the same network, and you want to share information between them the easily. But hackers can exploit this so it is better to turn it off, especially when using a public Wi-Fi hotspot.
Disable laptop adapter when not using network
You can elect to disconnect from the network when not using it. This will prevent your computer from connecting to another network without your knowledge, and in the event that someone does piggyback on the wireless network in your home, your device won’t be connected to it, so it limits the damage that can be done to you personally.
Switch off router when not using network
You should ideally switch off your router when not using it, as this means that nobody will be able to pick up any signal, and you save on electricity.
Encrypt private folders and files
You should come up with passwords for your folders and files, so even if someone were to piggyback on your network after cracking the network password, and hack in to your device, you can restrict what they are able to access on your device. This is especially necessary when using public Wi-Fi spots.
If you want to be extra careful, then back up the files to a flash drive or external hard-drive. If you don't want to carry these extra items around with you when traveling, then you might consider a cloud storage service.
You should always use HTTPS. This is especially true when doing anything important online, like email or banking.
You can even get addons for your browser that force HTTPS. If a website doesn’t use it for whatever reason, then reconsider using it. I’ve seen email services that don’t use HTTPS and I would be reluctant to use them at all. Gmail not only allows you to sign in with a secure connection, but gives you the option to encrypt all communications within that account.
- HTTPS Everywhere | Electronic Frontier Foundation
HTTPS Everywhere is a Firefox and Chrome extension that encrypts your communications with many major websites, making your browsing more secure. Encrypt the web: Install HTTPS Everywhere today.
Use a VPN
Using a VPN (virtual private network) is recommended for using public Wi-Fi spots or otherwise unsecured wireless networks.
Beware of using free solutions. Rather opt for a paid one, seeing as the free ones have no transparent means of monetization, so one must assume that they might well use the information that is passing through the encrypted tunnel they provide for nefarious purposes.
Upgrade router firmware
Periodically check to see that your router's firmware is up to date. You can do this by comparing the firmware version displayed from the router's dashboard to the version on the manufacturer's website.
Update all your software regularly
Which of these is most important in securing a wireless network?
© 2015 Anti-Valentine